tyler.durden
/
lynis
mirror of https://github.com/CISOfy/lynis.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Include AUTH-9284 and minor changes

This commit is contained in:
Michael Boelen 2020-10-22 14:17:01 +02:00
parent e67f786caa
commit bd6e1d5d39
No known key found for this signature in database
GPG Key ID: 26141F77A09D7F04
3 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -3,6 +3,7 @@
## Lynis 3.0.2 (not released yet)
### Added
- AUTH-9284 - Scan for locked user accounts in /etc/passwd
- Detection of Flatcar, Mageia, ROSA Linux, SLES (extended), Void Linux, Zorin OS
- Alpine, macOS and Mageia EOL dates

1
db/tests.db
View File

@ -37,6 +37,7 @@ AUTH-9268:test:security:authentication::Checking presence pam.d files:
AUTH-9278:test:security:authentication::Checking LDAP pam status:
AUTH-9282:test:security:authentication::Checking password protected account without expire date:
AUTH-9283:test:security:authentication::Checking accounts without password:
AUTH-9284:test:security:authentication::Checking locked user accounts in /etc/passwd:
AUTH-9286:test:security:authentication::Checking user password aging:
AUTH-9288:test:security:authentication::Checking for expired passwords:
AUTH-9304:test:security:authentication:Solaris:Check single user login configuration:

8
include/tests_authentication
View File

@ -927,8 +927,8 @@
#################################################################################
#
# Test : AUTH-9284
# Description : Search locked accounts
Register --test-no AUTH-9284 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking locked accounts"
# Description : Check locked user accounts in /etc/passwd
Register --test-no AUTH-9284 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check locked user accounts in /etc/passwd"
if [ "${SKIPTEST}" -eq 0 ]; then
LogText "Test: Checking locked accounts"
NON_SYSTEM_ACCOUNTS=$(${AWKBINARY} -F : '$3 > 999 && $3 != 65534 {print $1}' /etc/passwd | sort | uniq)
@ -946,11 +946,11 @@
for account in ${FIND3}; do
if echo "${NON_SYSTEM_ACCOUNTS}" | grep -w "${account}" > /dev/null ; then
LogText "Locked account: ${account}"
Report "locked_account=${account}"
Report "locked_account[]=${account}"
fi
done
Display --indent 2 --text "- Locked accounts" --result "${STATUS_WARNING}" --color RED
ReportWarning "${TEST_NO}" "Found locked accounts"
ReportSuggestion "${TEST_NO}" "Look at the locked accounts and consider removing them"
fi
fi
#